Description
This article describes how to disable bypassing the FortiAuthenticator Agent login on a Windows machine.
Scope
FortiAuthenticator 6.4.6, FortiAuthenticator Agent 4.2.
Solution
Since it is possible to log in to a Windows machine without OTP and bypass the FortiAuthenticator Agent, it is recommended to disable 'Permit Built-in Password Providers' under the FortiAuthenticator Agent settings.
Navigate to Credential Provider Options -> Permit Built-in Password Providers.
Disable the setting and select Apply.
Lock the Windows machine and log in again, this time using the FortiAuthenticator Agent login window.
Related documents:
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.